Wednesday, September 14, 2011

Procedure to resolve "Could not establish truct relationship for the SSL/TLS security error" when SharePoint integration with other applications

One of the most interesting features for SharePoint is to integrate with other applications or different SharePoint farm.  If the integrations are using http/SSL, you may encounter the error "Could not establish trust relationship for the SSL/TLS security error".

Add multiple SharePoint and Exchange calendars to a SharePoint calendar is one typical example to integrate multiple calendars. In this case if you are using web based exchange Access (Web mail) that is normally through http/SSL, you might encounter the error listed above. See screenshot for details.

 Here is the certificate you could find for the Outlook exchange server use for the web mail.

This situation is similar to you access a https site and you need to add the certificate and trust it. You would need to do the same thing on SharePoint site to fix this error. You would need to download the root certificate from the issuing certificate authority’s website and then add to the SharePoint servers.

Then follow these steps to setup the trust relationship:
1.       Go to Outlook Web Access  and view the certificate on the site, and download the top-level root certificate (.CER) file
2.       Go to Central Administration -> Security -> General Security and then click on Manage Trust
3.       Create a name (e.g. Outlook)
4.       Upload the .CER file for the Root certificate for the trust relationship that you downloaded
5.       Click OK 

The next time you view the calendar overlay connected to exchange the error should be gone as long as the certification not changed.
We have other SharePoint integrations such as Jive Calendar with SharePoint Calendar, RSS feeds from https sites to SharePoint,  https SharePoint sites integration to http SharePoint, and many more other cases. Remember to import those top-level root certificate (.CER) files for the integration with http/SSL application to avoid potential security error.

No comments:

Post a Comment